Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiTenable Network SecurityZDI-07-004
HistoryJan 11, 2007 - 12:00 a.m.

CA BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability

2007-01-1100:00:00
Tenable Network Security
www.zerodayinitiative.com
18

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.943 High

EPSS

Percentile

99.2%

JSON

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the Tape Engine RPC service which listens by default on TCP port 6503 with the following UUID: 2b93df0-8b02-11ce-876c-00805f842837 The service exposes a buffer overflow in the handler for RPC opnum 0xCF that allows for arbitrary code execution when handling user-supplied data from the RPC request.

Related

saint 12
securityvulns 4
zdi 1
cve 1
checkpoint_advisories 3
packetstorm 1
prion 1
cert 2
nessus 2
saint
saint
BrightStor ARCserve Message Engine opnum 0x2f buffer overflow
2007-01-19 00:00:00
BrightStor ARCserve Message Engine opnum 0x75 buffer overflow
2007-01-24 00:00:00
BrightStor ARCserve Backup Tape Engine opnum 0xCF buffer overflow
2007-02-09 00:00:00
securityvulns
securityvulns
ZDI-07-003: CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability
2007-01-12 00:00:00
ZDI-07-004: CA BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability
2007-01-12 00:00:00
[CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities
2007-01-12 00:00:00
zdi
zdi
CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability
2007-01-11 00:00:00
cve
cve
CVE-2007-0169
2007-01-11 22:28:00
checkpoint_advisories
checkpoint_advisories
CA BrightStor ARCserve Backup Message Engine Opcode 47 Buffer Overflow (CVE-2007-0169)
2009-10-12 00:00:00
CA BrightStor ARCserve Backup Message Engine Opcode 117 Buffer Overflow (CVE-2007-0169)
2009-10-13 00:00:00
CA BrightStor ARCserve Backup Tape Engine RPC Opcode 207 Buffer Overflow (CVE-2007-0169)
2010-08-29 00:00:00
packetstorm
packetstorm
CA BrightStor ARCserve Message Engine Buffer Overflow
2009-11-26 00:00:00
prion
prion
Buffer overflow
2007-01-11 22:28:00
cert
cert
CA BrightStor ARCserve Backup Tape Engine RPC buffer overflow
2007-01-12 00:00:00
CA BrightStor ARCserve Backup Message Engine RPC buffer overflow
2007-01-12 00:00:00
nessus
nessus
CA BrightStor ARCserve Backup Tape Engine Multiple Remote Overflows (QO84983)
2007-01-12 00:00:00
CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO84983)
2007-01-15 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.943 High

EPSS

Percentile

99.2%

JSON
Related for ZDI-07-004
saint12securityvulns4zdi1cve1checkpoint_advisories3packetstorm1prion1cert2nessus2